Exponential rise in security threats is driving SMBs to turn to MSPs for help
Security is a critical component of managed cloud services, but the expansion of hybrid work has made it an even higher priority for both MSPs and their customers. Working from less secure networks, with multiple devices, and in settings where employees may be more vulnerable (e.g. bouncing more often between personal and work activity) has significantly increased the surface area of security exposure.
Microsoft is tracking over 50 million security attacks daily, with 8 trillion threat signals every 24 hours. The combination of these quickly evolving threats and weekly news of security breaches is driving up the interest in and demand for enhanced security and compliance across all business sizes and industries. In fact, Microsoft reports that partners selling security solutions or services are seeing a 130% increase in year-over-year business, and can increase revenue by 26% with managed services around Security & Compliance and Teamwork.
Hybrid work also increases internal risks
The increased risks associated with hybrid work are not limited to external threats. According to the Verizon 2020 Data Breach Investigations Report, one of 12 data breaches were the result of internal mishandling or misuse of information. Thus, a comprehensive approach to security must include protections against these risks as well.
Additionally, there are many regional- and industry-specific regulations that include strict guidelines on the internal handling of sensitive data and costly fines for violations. E.g. fines for GDPR violations range from €10 to €20 million or 2 to 4% of the company’s global annual turnover of the previous financial year, whichever is higher.
Help protect sensitive information and boost compliance with Data Loss Prevention (DLP)
Data loss prevention (DLP) automatically identifies, monitors, and protects sensitive information like financial data, personally identifiable information (PII), and health records from being misused or mishandled either intentionally or unintentionally.
MSPs can set up and manage DLP policies for their customers in the Microsoft 365 Compliance Center. These policies:
- Identify sensitive information across multiple locations in Microsoft 365 including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.
- Prevent the accidental sharing of sensitive information. For example, policies can automatically block access to documents or the sending of documents with sensitive data.
- Monitor and protect sensitive information in the desktop versions of Excel, PowerPoint, and Word. The Office desktop programs include the same capabilities to identify sensitive information and apply DLP policies.
- Help users learn how to stay compliant without interrupting their workflow. DLP policies can include policy tips in to inform users when a policy impacts and action they are trying to perform.
- View DLP alerts and reports to assess how a customer is complying with a DLP policy.
Leverage preconfigured DLP policy templates from Microsoft
Microsoft 365 also includes preconfigured DLP policy templates which can both streamline configuration and ensure compliance with regulations such as HIPAA, GDPR, and a variety of other regional- and industry- specific regulations.
Once a template is in place, it can be fine-tuned if needed. For example, you can add new types of sensitive information to a rule, modify the counts in a rule to make it harder or easier to trigger, allow people to override the actions in a rule by providing a business justification, or change who notifications and incident reports are sent to.
While these templates are helpful, with all the compliance regulations out there, it can be difficult to ensure that each customer has the DLP policies in place that align with their specific security and compliance needs. It also requires time and expertise to accurately apply these policy templates.
4 ways Cloud Manager can help you easily implement and deliver DLP for enhanced security and compliance
Simplify and streamline DLP policy configuration
Pre-built automation combined with the no-code Run Command panel in Cloud Manager makes it fast and easy to accurately apply up to 20 DLP policy templates, including a variety of financial, health, and PII regulations across multiple countries and regions.
To apply any number of DLP policies to a customer, you simply:
- Open the command in the Run Command panel
- Select the DLP policies you want to apply
- Click Run
Improve security and compliance reporting
Every action taken in Cloud Manager is automatically recorded in the Activity log. Therefore, after running this command to set up DLP policies, there is a record of that action and its details that can easily be incorporated into customer reporting and ongoing service reviews.
For more on reporting, see:
- Cloud Manager Monitor and Schedule
- Cloud Manager Reporting Add-In for Power BI
- Cloud Manager Power BI Reporting Templates
Standardize DLP policies across customers
Because Cloud Manager enables commands to run across multiple customers, this command was written to allow multiple customers to be selected. This can help streamline the application of standardized DLP policies across customers with common DLP requirements.
For more information on running commands across customers, see How to format commands to run across multiple customers
Align the command to meet the needs of your business
This pre-built command includes 20 of the most commonly used DLP templates. However, because it is likely that a partner’s customer base would not require all the templates, the Cloud Manager Workbench makes it easy to remove any unnecessary templates to further simplify command execution.
For more information, see Cloud Manager Workbench.
Explore more ways Cloud Manager can help you drive recurring revenue with security and compliance services
MSPs can help their SMB customers navigate the complex security and regulatory landscape with value-add managed services. Cloud Manager provides automation to perform security assessments, monitor and report security threats, and remediate gaps – strengthening the revenue opportunity.
To explore Cloud Manager capabilities and pre-built automation that helps MSPs both improve current security services delivery and create new and expanded services, download the Cloud Manager Cloud Security Playbook.